Default Passwords for World Wide Packets/Lightning Edge Equipment

Steven Bellovin smb at cs.columbia.edu
Thu Jan 7 10:51:09 CST 2010


On Jan 6, 2010, at 11:38 PM, Joe Hamelin wrote:

> On Wed, Jan 6, 2010 at 7:19 PM, Dobbins, Roland <rdobbins at arbor.net> wrote:
>> Which goes to show that they just really don't get it when it comes to security.  Maybe they  should look here at all the entries for 'default credentials':
> 
> Roland, this isn't the home wi-fi market we're talking about.  Anyone
> that's going to buy one of these puppies is going to have a clue about
> putting their password in.

Again, look at http://ids.ftw.fm/Home/publications/RouterScan-RAID09-Poster.pdf?attredirects=0 -- while consumer devices were much worse, there was a noticeable problem on enterprise devices and a significant problem with VoIP devices, and I suspect that those latter are largely enterprise-based.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb









More information about the NANOG mailing list